A New Approach to Prevent Black Hole Attack in AODV
The International Journal of Computer Science and Information Security (IJCSIS) is a peer-reviewed international journal publishing original research and applications in computer science and information and communication security, mobile and wireless networking, and wireless communication systems. Frequency of publication: monthly. ISSN: 1947-5500. Copyright © 2011, IJCSIS, USA.
Posted: 2/14/2011. Language: English. Pages: 6.

(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 1, 2011
A New Approach to Prevent Black Hole Attack in AODV

M. R. Khalili Shoja, Department of Electrical Engineering, Amirkabir University of Technology, Tehran, Iran, m.khalili@aut.ac.ir
Hasan Taheri, Department of Electrical Engineering, Amirkabir University of Technology, Tehran, Iran, htaheri@aut.ac.ir
Shahin Vakilinia, Department of Electrical Engineering, Sharif University of Technology, Tehran, Iran, vakilinia@ee.sharif.edu
Abstract— Ad-hoc networks are a collection of mobile hosts that communicate with each other without any infrastructure. These networks are vulnerable to many types of attacks, including the black hole attack. In this paper, we analyze the effect of this attack on the performance of ad-hoc networks that use AODV as their routing protocol. Furthermore, we propose an approach based on hash chains to prevent this type of attack. Simulation results obtained with the OPNET simulator show that the packet delivery ratio drops remarkably in the presence of attacker nodes, whereas applying the proposed approach reduces the effect of black hole attacks.

Keywords: AODV; black hole; hash chain; OPNET

I. INTRODUCTION

Ad-hoc networks are characterized by dynamic topology, self-configuration, self-organization, restricted power, temporary network lifetime and lack of infrastructure. These characteristics lead to their use in disaster recovery operations, smart buildings and military battlefields [1].

Routing protocols in ad-hoc networks are classified into two main categories, proactive and reactive [3]. In proactive routing protocols, such as DSDV [4], routing information is exchanged between nodes periodically. In on-demand (reactive) routing protocols, such as AODV [2] and DSR [5], nodes exchange routing information only when needed. Furthermore, some ad-hoc routing protocols combine the two categories. Although a trusted environment has been assumed in most research on ad-hoc routing protocols, many ad-hoc networks run in untrusted situations. So, most ad-hoc routing protocols are vulnerable to diverse types of attacks, one of which is the black hole attack. In this attack, a malicious node uses the routing protocol to advertise itself as having the shortest or freshest path to the node whose packets it wants to intercept. In a flooding-based protocol, the attacker listens to requests for routes. When the attacker receives a request for a route to the target node, it creates a reply consisting of an extremely short or fresh route [6]. The rest of this paper is organized as follows. In section 2, the AODV routing protocol is described. In section 3, we describe the classification of attacks in MANET. Network layer attacks are described in section 4. Section 5 summarizes related works, and a detailed description of the proposed solution is given in section 6. In section 7, the simulation results are analyzed.

II. AODV ROUTING PROTOCOL

AODV finds a route between source and destination on demand. The protocol uses three significant types of messages: route request (RREQ), route reply (RREP) and route error (RERR). The fields of these messages, such as source sequence number, destination sequence number and hop count, are explained in detail in [2]. Each node has a routing table, which contains information about the route to each known destination. When a source node wants to communicate with a destination and has no route to it in its routing table, it first broadcasts an RREQ. The RREQ is received by the intermediate nodes within the transmission range of the sender. These nodes rebroadcast the RREQ until it is received by the destination or by an intermediate node that has a fresh enough route to the destination. That node then unicasts an RREP back toward the source, and hence a route between source and destination is established. A fresh enough route is a valid route entry whose destination sequence number is at least as great as the destination sequence number in the RREQ. The source sequence number is used to determine the freshness of a route to the source; likewise, the destination sequence number is used to determine the freshness of a route to the destination. When intermediate nodes receive an RREQ, they make or update a reverse route entry for that source in their routing table, taking the source sequence number and hop count into consideration. Similarly, when intermediate nodes receive an RREP, they make or update a forward route entry for that destination, taking the destination sequence number and hop count into consideration.

III. CLASSIFICATION OF ATTACKS IN MANET

The attacks in MANET can be classified into two categories, called passive attacks and active attacks. Passive attacks are done to steal information from the network, for example eavesdropping attacks and traffic analysis attacks. Indeed, passive attackers obtain the data exchanged in the network without disrupting the operation of the network and without modifying the exchanged data. On the other hand, in active attacks, replication, modification and deletion of exchanged data is
24 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
done by the attackers. The attacks in ad-hoc networks can also be classified into two categories, called external attacks and internal attacks. Internal attacks are carried out by authorized nodes of the network, whereas external attacks are executed by nodes that are not authorized to participate in the network. Another classification of attacks is related to the protocol stack, for instance, network layer attacks.

Figure 1. Operation at intermediate nodes on receiving an RREQ (flowchart, rendered here as numbered steps):
1. Get the RREQ packet.
2. Is the sender of the RREQ in the blacklist? Yes: drop the packet. No: go to step 3.
3. Calculate the hash order in hash_RREQ.
4. Is it bigger than the hash order of the criterion? Yes: accept the packet. No: go to step 5.
5. Calculate the hash of hash_RREQ the specific number of times.
6. Is the result equal to the criterion? No: drop the packet and put the name of the sender node in the blacklist. Yes: accept the packet and change the criterion to the value of hash_RREQ.
7. Is this node the destination? No: calculate the hash of hash_RREQ, set this value in hash_RREQ and rebroadcast the RREQ. Yes: send an RREP.

IV. NETWORK LAYER ATTACKS IN MANET

Some network layer attacks are described below:

A. Wormhole attack
In this attack, an attacker records a packet at one location in the network, tunnels the packet to another location and replays it there [21].

B. Byzantine attack
In this attack, malicious nodes individually or cooperatively carry out attacks such as creating routing loops and forwarding packets through non-optimal paths.

C. Rushing attack
A rushing attacker forwards packets quickly by skipping some of the routing processes. So, in an on-demand routing protocol such as AODV, the route between source and destination includes the rushing nodes.

D. Resource consumption attack
In this attack, an attacker attempts to consume the battery life of other nodes.

E. Location disclosure attack
In this attack, information relating to the structure of the network is revealed by attacker nodes.

F. Black hole attack
In a black hole attack, malicious nodes falsely claim a fresh route to the destination in order to absorb the data transmitted from the source to that destination, and drop it instead of forwarding it. Black hole attacks in the AODV protocol can be classified into two categories: black hole attacks caused by RREP and black hole attacks caused by RREQ.

1) Black hole attack caused by RREQ
By sending fake RREQ messages an attacker can form a black hole attack as follows:
a) Set the originator IP address in the RREQ to the originating node's IP address.
b) Set the destination IP address in the RREQ to the destination node's IP address.
c) Set the source IP address of the IP header to its own IP address.
d) Set the destination IP address of the IP header to the broadcast address.
e) Choose a high sequence number and a low hop count and put them in the related fields of the RREQ.
So, false information about the source node is inserted into the routing tables of the nodes that receive the fake RREQ. Hence, if these nodes want to send data to the source, they first send it to the malicious node.

2) Black hole attack caused by RREP
By sending fake RREP messages an attacker can form a black hole attack. After receiving the RREQ from the source node, a malicious node can generate a black hole attack by sending an RREP as follows:
a) Set the originator IP address in the RREP to the originating node's IP address.
b) Set the destination IP address in the RREP to the destination node's IP address.
c) Set the source IP address of the IP header to its own IP address.
d) Set the destination IP address of the IP header to the IP address of the node from which the RREQ has been received.
e) Choose a high number for the sequence number and a low number for the hop count.
So, the data from the source reaches the malicious node, which drops it.

TABLE I. SIMULATION PARAMETERS
Simulation parameter                          Value
Number of nodes                               46
Network size                                  600 * 600 (m)
Simulation duration                           600 (sec)
Transmit power (W)                            .0001
Packet reception-power threshold (dBm)        -95
Hash function                                 SHA-1
Source node                                   Mobile-node-1
Destination node                              Mobile-node-4
Packet inter-arrival time (sec)               Uniform(.1, .11)
Packet size (bits)                            Exponential(1024)

Figure 2. Network topology

V. RELATED WORKS

There are basically two approaches to securing MANET: 1. securing ad-hoc routing and 2. intrusion detection [7].

A. Securing routing
Ariadne [8] is an ad-hoc routing protocol that provides security in MANET and relies on efficient symmetric cryptography. This protocol is based on the basic operation of the DSR protocol. In [9], a secure routing protocol based on DSDV has been proposed; hash chains are used to authenticate hop counts and sequence numbers. ARAN [10] uses cryptographic public-key certificates in order to achieve its security goals. The goal of SAR [11] is to characterize and explicitly represent the trust values and trust relationships associated with ad-hoc nodes and to use these values to make routing decisions. Secure AODV (SAODV) [12] is a security extension of the AODV protocol based on public key cryptography; hash chains are used in this protocol to authenticate the hop count. Adaptive SAODV (A-SAODV) [13] proposes a mechanism based on SAODV for improving the performance of SAODV. In [14] a small modification has been applied to A-SAODV to increase its performance. TRP [20] employs a hash chain algorithm to generate a token, which is appended to the data packets to identify the authenticity of the routing packets and to choose the correct route for data packets. TRP provides a significant reduction in energy consumption and routing packet delay by using the hash algorithm.

B. Intrusion detection system
[15] introduces a method that requires each intermediate node to send back the next hop information inside the RREP message. This method uses a further request message and a further reply message to verify the validity of the route. Zhang and Lee [16] propose a distributed and cooperative intrusion detection model based on statistical anomaly detection techniques. In [17], the intermediate node requests its next hop to send a confirmation message to the source. After receiving both the route reply and the confirmation message, the source determines the validity of the path according to its policy. In [18], Huang et al. use both specification-based and statistics-based approaches. They construct an Extended Finite State Automaton (EFSA) according to the specification of the AODV routing protocol, model the normal state, and detect attacks with anomaly detection and specification-based detection. An approach based on a dynamic training method, in which the training data is updated at regular time intervals, has been proposed in [19].

VI. PROPOSED WORK

As we will discuss, AODV is weak against the black hole attack. In this paper we propose a mechanism based on hash chains to prevent the black hole attack. The black hole attack is based on modification of the sequence number and the hop count. In this method, when an intermediate node receives an RREQ or RREP, it checks an extra field, explained below, to verify the sequence number and hop count. If the node authenticates the validity of this field, it can accept the control message and fill its routing table accordingly. We add one field named hash_RREQ to the RREQ and, similarly, one field called hash_RREP to the RREP. We assume that only the destination can send an RREP, even though intermediate nodes may have fresh enough routes to the destination; it means that the destination-only flag in the RREQ must be set. When a source node wants to send data to a destination, it must use the AODV protocol to find a route to the destination. So this node sends the new RREQ shown below:

| Normal RREQ | hash_RREQ |

Normal RREQ is the RREQ of AODV, and hash_RREQ is the new field that we add to the existing protocol. The source node
should fill this field, and intermediate nodes should verify its authenticity and change it as explained below. The source node chooses a random number as a seed. After that, it calculates the hash of the seed a specific number of times, as follows:

$h^{(a-i)\cdot b + j}(seed)$  (1)

where $h^{r}(x)$ denotes the hash of x computed r times (the order of the hash is r), a is a number that must be higher than the maximum sequence number used during the operation of the network, b is the maximum hop count between the two furthest nodes in the network plus one, i is the value of the sequence number and j is the hop count (patently j = 0 for the source node). We assume that, before the source node sends the RREQ, all nodes in the network know the value

$h^{(a+1)\cdot b}(seed)$  (2)

We call this value the criterion. The source node generates the hash of the seed using formula (1) and places it in the hash_RREQ field; for example, for the first RREQ sent by the source node, i = 1 and j = 0. When this RREQ arrives at the next hop, that node first checks the validity of the hash value using its knowledge of formula (2). It means that the receiver node computes the hash of hash_RREQ y times, where y is the difference between the order of the hash in hash_RREQ and the order of the hash in the criterion. If the result is equal to the criterion, Eq. (2), the intermediate node accepts this packet and inserts the appropriate entry for the source node in its routing table. Moreover, after validating hash_RREQ, the receiver node changes its criterion to the value of hash_RREQ. Now this node should change hash_RREQ in accordance with Eq. (1): it calculates the hash of hash_RREQ and places the result in hash_RREQ.

Similarly, the destination node proceeds as above but calculates the hash chain from its own seed, and places the hash value in hash_RREP. The new RREP is shown below:

| Normal RREP | hash_RREP |

Everything else, and the operation, is exactly the same as for the RREQ. Thus, malicious nodes cannot increase the sequence number or decrease the hop count, because to do so they would have to calculate a hash of lower order, which is obviously impossible; for instance, having h_20 it is impossible to calculate h_19. Consequently, malicious nodes can only increase the hop count or decrease the sequence number. As a result, wrong information about the sequence number and hop count cannot be placed in the routing tables. Besides, each node has a blacklist: when a node receives an RREQ or RREP from a malicious node whose hash_RREQ or hash_RREP field is not valid, it puts the name of the sender in its own blacklist. Furthermore, all packets from nodes in the blacklist are not accepted and must be discarded. The operation of intermediate nodes on receiving an RREQ is depicted in Fig. 1. The operation of intermediate nodes on receiving an RREP is exactly the same as in Fig. 1.

Figure 3. PDR in presence of one malicious node

Figure 4. PDR in presence of two malicious nodes

VII. SIMULATION RESULTS

For the simulation, we use OPNET 14.0.A [22]. Our network topology is shown in Fig. 2. TABLE I contains the parameters that we chose for the simulation. For evaluating the performance of the network, we consider the following metric:

Packet Delivery Ratio: The ratio of the data delivered to the destination to the data sent out by the source.

Various node mobilities have been considered to measure the performance of the network in the presence of malicious nodes acting as attackers. Fig. 3 demonstrates the results in the presence of only one malicious node; in this scenario mobile-node-5 is the attacker. In Fig. 4, mobile-node-5 and mobile-node-20 act as malicious nodes. Mobile-node-5, mobile-node-20 and mobile-node-10 are the malicious nodes in another scenario, whose results are presented in Fig. 5. In another scenario mobile-node-5, mobile-node-20, mobile-node-10 and mobile-node-11 send fake messages to construct a black hole attack; the related results are illustrated in Fig. 6. Fig. 7, Fig. 8 and Fig. 9 show the variation of PDR when the number of malicious nodes in the network is varied from 1 to 4 at mobilities of 10m/s, 30m/s and 50m/s respectively. As shown by these figures, the proposed mechanism improves the PDR; in other words, this approach protects MANETs against the black hole attack.
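The hash-chain check of Section VI together with the per-node procedure of Fig. 1, as an added example written for this page; it is not the authors' OPNET model. It uses SHA-1 as in Table I. The chain parameters a = 8 and b = 4, the seed, the node names (S, N1, N2, N3, M) and the function and class names are constructed assumptions. The routing-table step uses AODV's own freshness rule from RFC 3561 (replace an entry only for a greater sequence number, or an equal one with fewer hops), which is the comparison Section II describes. The scenario also shows the property the text claims: a node that replays a value it overheard with a higher sequence number (a lower-order hash it cannot compute) fails the check and is blacklisted, while a genuine later RREQ from the source still verifies against the updated criterion.

```python
import hashlib
from dataclasses import dataclass

# Chain parameters, constructed for this example. The paper only requires
# a > the largest sequence number ever used and b = max hop count + 1.
A = 8
B = 4


def h(x: bytes) -> bytes:
    """One application of the hash function (SHA-1, as in Table I)."""
    return hashlib.sha1(x).digest()


def h_r(x: bytes, r: int) -> bytes:
    """h^r(x): apply h to x r times; r == 0 returns x unchanged."""
    for _ in range(r):
        x = h(x)
    return x


def chain_order(seq: int, hops: int) -> int:
    """Exponent of Eq. (1): (a - i) * b + j for sequence number i, hop count j."""
    return (A - seq) * B + hops


INITIAL_CRITERION_ORDER = (A + 1) * B   # exponent of Eq. (2), known to every node


def source_hash_field(seed: bytes, seq: int) -> bytes:
    """Value the source places in hash_RREQ for a new RREQ (hop count j = 0)."""
    return h_r(seed, chain_order(seq, 0))


@dataclass
class Route:
    next_hop: str
    seq: int
    hops: int


class Node:
    """A node running the Fig. 1 procedure for one source's hash chain."""

    def __init__(self, name: str, criterion: bytes):
        self.name = name
        self.criterion = criterion            # h^{(a+1)b}(seed), Eq. (2)
        self.criterion_order = INITIAL_CRITERION_ORDER
        self.blacklist = set()
        self.routes = {}

    def _update_route(self, dest, next_hop, seq, hops):
        """AODV freshness rule (RFC 3561, sec. 6.2): replace an entry only for a
        greater sequence number, or an equal one with a smaller hop count."""
        cur = self.routes.get(dest)
        if cur is None or seq > cur.seq or (seq == cur.seq and hops < cur.hops):
            self.routes[dest] = Route(next_hop, seq, hops)
            return True
        return False

    def receive_rreq(self, sender, src, seq, hops, hash_rreq):
        """Returns (decision, value to carry in hash_RREQ when rebroadcasting)."""
        if sender in self.blacklist:
            return "drop:blacklisted", None
        k = chain_order(seq, hops)
        if k > self.criterion_order:
            # Fig. 1 accepts such a packet without a chain check; its sequence
            # number/hop count are no better than the criterion's, so the
            # freshness rule decides whether it touches the routing table.
            self._update_route(src, sender, seq, hops)
            return "accept:stale", h(hash_rreq)
        # Hash forward y = (criterion order - k) times and compare (Section VI).
        if h_r(hash_rreq, self.criterion_order - k) != self.criterion:
            self.blacklist.add(sender)
            return "drop:invalid", None
        self.criterion, self.criterion_order = hash_rreq, k
        self._update_route(src, sender, seq, hops)
        # The next hop will see j + 1, i.e. order k + 1: one more hash.
        return "accept", h(hash_rreq)


def demo() -> dict:
    """Constructed scenario: source S floods RREQ i=1 via N1 to N2. A node M
    that overheard N1's rebroadcast replays that value with a forged i=2, j=0
    towards N3; later S issues a genuine second RREQ (i=2)."""
    seed = b"constructed seed of S"
    criterion = h_r(seed, INITIAL_CRITERION_ORDER)          # pre-shared, Eq. (2)
    n1, n2, n3 = (Node(n, criterion) for n in ("N1", "N2", "N3"))
    out = {}
    f0 = source_hash_field(seed, 1)                          # order (8-1)*4 = 28
    out["n1"], f1 = n1.receive_rreq("S", "S", 1, 0, f0)      # y = 36 - 28 = 8
    out["n2"], _ = n2.receive_rreq("N1", "S", 1, 1, f1)      # order 29, y = 7
    out["n3_forged"], _ = n3.receive_rreq("M", "S", 2, 0, f1)  # claims order 24
    out["n3_again"], _ = n3.receive_rreq("M", "S", 1, 1, f1)   # M is blacklisted
    out["n1_seq2"], _ = n1.receive_rreq("S", "S", 2, 0, source_hash_field(seed, 2))
    out["n1_stale"], _ = n1.receive_rreq("N2", "S", 1, 1, f1)  # order 29 > 24
    out["n1_route"] = (n1.routes["S"].seq, n1.routes["S"].hops)
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Running the file prints the decision each node takes for each message. The branch for a hash order larger than the criterion follows Fig. 1 literally and accepts without a chain check; a node that wants to verify those messages as well can hash its own criterion forward and compare, since only the reverse direction of the chain is infeasible.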
Figure 5. PDR in presence of three malicious nodes

Figure 6. PDR in presence of four malicious nodes

Figure 7. Analysis of PDR vs. different number of attackers at 10m/s

Figure 8. Analysis of PDR vs. different number of attackers at 30m/s

Figure 9. Analysis of PDR vs. different number of attackers at 50m/s

VIII. REFERENCES

[1] E. Çayırcı, C. Rong, "Security in Wireless Ad Hoc and Sensor Networks," vol. I. New York: Wiley, 2009, pp. 10.
[2] C. E. Perkins, E. M. B. Royer and S. R. Das, "Ad-hoc On-Demand Distance Vector (AODV) Routing," Mobile Ad-hoc Networking Working Group, Internet Draft, draft-ietf-manetaodv-00.txt, Feb. 2003.
[3] E. M. Royer and C-K Toh, "A Review of Current Routing Protocols for Ad-Hoc Mobile Wireless Networks," IEEE Person. Commun., Vol. 6, no. 2, Apr. 1999.
[4] C. E. Perkins and P. Bhagwat, "Highly Dynamic Destination-Sequenced Distance-Vector Routing (DSDV) for Mobile Computers," Proceedings of the SIGCOMM '94 Conference on Communications Architectures, Protocols and Applications, pp. 234-244, Aug. 1994.
[5] D. B. Johnson, D. A. Maltz, "Dynamic Source Routing in Ad Hoc Wireless Networks," Mobile Computing, edited by Tomasz Imielinski and Hank Korth, Chapter 5, pp. 153-181, Kluwer Academic Publishers, 1996.
[6] M. Ilyas, "The Handbook of Ad hoc Wireless Networks," CRC Press, 2003.
[7] Stamouli, "Real-time Intrusion Detection for Ad hoc Networks," Master's thesis, University of Dublin, Sep. 2003.
[8] Y.-C. Hu, A. Perrig, D. B. Johnson, "Ariadne: A Secure On-Demand Routing Protocol for Ad hoc Networks," Proc. 8th ACM Int'l. Conf. Mobile Computing and Networking (Mobicom'02), Atlanta, Georgia, Sep. 2002, pp. 12-23.
[9] Y.-C. Hu, D. B. Johnson, A. Perrig, "SEAD: Secure Efficient Distance Vector Routing for Mobile Wireless Ad hoc Networks," Proc. 4th IEEE Workshop on Mobile Computing Systems and Applications, Callicoon, NY, Jun. 2002, pp. 3-13.
[10] K. Sanzgiri, B. Dahill, B. Levine, C. Shields, and E. Belding-Royer, "A Secure Routing Protocol for Ad Hoc Networks," Proc. of IEEE International Conference on Network Protocols (ICNP), pp. 78-87, 2002.
[11] S. Yi, P. Naldurg, R. Kravets, "Security-Aware Ad hoc Routing for Wireless Networks," Proc. 2nd ACM Symp. Mobile Ad hoc Networking and Computing (Mobihoc'01), Long Beach, CA, Oct. 2001, pp. 299-302.
[12] M. Zapata, "Secure Ad Hoc On-Demand Distance Vector (SAODV)," Internet draft, draft-guerrero-manet-saodv-01.txt, 2002.
[13] D. Cerri, A. Ghioni, "Securing AODV: The A-SAODV Secure Routing Prototype," IEEE Communication Magazine, Feb. 2008, pp. 120-125.
[14] K. Mishra, B. D. Sahoo, "A Modified Adaptive-SAODV Prototype for Performance Enhancement in MANET," International Journal of Computer Applications in Engineering, Technology and Sciences (IJ-CA-ETS), Apr. 2009 - Sep. 2009, pp. 443-447.
[15] H. Deng, W. Li, and D. P. Agrawal, "Routing security in ad hoc networks," IEEE Communications Magazine, vol. 40, no. 10, pp. 70-75, Oct. 2002.
[16] Y. Zhang and W. Lee, "Intrusion detection in wireless ad-hoc networks," 6th Annual International Mobile Computing and Networking Conference Proceedings, 2000.
[17] S. Lee, B. Han, and M. Shin, "Robust routing in wireless ad hoc networks," in ICPP Workshops, pp. 73, 2002.
[18] Y. A. Huang and W. Lee, "Attack analysis and detection for ad hoc routing protocols," in The 7th International Symposium on Recent Advances in Intrusion Detection (RAID'04), pp. 125-145, French Riviera, Sept. 2004.
[19] S. Kurosawa, H. Nakayama, N. Kato, A. Jamalipour, and Yoshiaki Nemoto, "Detecting Blackhole Attack on AODV-based Mobile Ad Hoc Networks by Dynamic Learning Method," International Journal of Network Security, Vol. 5, No. 3, pp. 338-346, Nov. 2007.
[20] L. Li, C. Chigan, "Token Routing: A Power Efficient Method for Securing AODV Routing Protocol," Proceedings of the 2006 IEEE International Conference on Networking, Sensing and Control, ICNSC '06, Apr. 2006, pp. 29-34.
[21] Y. C. Hu, A. Perrig, D. B. Johnson, "Wormhole Attacks in Wireless Networks," IEEE Journal on Selected Areas in Communications, Vol. 24, No. 2, Feb. 2006.
[22] http://www.opnet.com